Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-02 12:05:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

closes #2330

Browse Source
This commit is contained in:
barisusakli
2015-09-16 08:35:40 -04:00
parent f80a6350c4
commit 11c70f3a28
6 changed files with 70 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
public/src/client/topic/threadTools.js
View File

@@ -94,9 +94,15 @@ define('forum/topic/threadTools', ['forum/topic/fork', 'forum/topic/move', 'comp
function topicCommand(command, tid) { function topicCommand(command, tid) {
translator.translate('[[topic:thread_tools.' + command + '_confirm]]', function(msg) { translator.translate('[[topic:thread_tools.' + command + '_confirm]]', function(msg) {
bootbox.confirm(msg, function(confirm) { bootbox.confirm(msg, function(confirm) {
if (confirm) { if (!confirm) {
socket.emit('topics.' + command, {tids: [tid], cid: ajaxify.data.cid}); return;
} }
socket.emit('topics.' + command, {tids: [tid], cid: ajaxify.data.cid}, function(err) {
if (err) {
app.alertError(err.message);
}
});
}); });
}); });
} }

17
src/postTools.js
View File

@@ -56,13 +56,18 @@ var async = require('async'),
} }
PostTools.purge = function(uid, pid, callback) { PostTools.purge = function(uid, pid, callback) {
privileges.posts.canEdit(pid, uid, function(err, canEdit) { async.waterfall([
if (err || !canEdit) { function (next) {
return callback(err || new Error('[[error:no-privileges]]')); privileges.posts.canPurge(pid, uid, next);
},
function (canPurge, next) {
if (!canPurge) {
return callback(new Error('[[error:no-privileges]]'));
}
cache.del(pid);
posts.purge(pid, next);
} }
cache.del(pid); ], callback);
posts.purge(pid, callback);
});
}; };

14
src/privileges/categories.js
View File

@@ -22,14 +22,15 @@ module.exports = function(privileges) {
{name: 'Access & Read'}, {name: 'Access & Read'},
{name: 'Create Topics'}, {name: 'Create Topics'},
{name: 'Reply to Topics'}, {name: 'Reply to Topics'},
{name: 'Purge'},
{name: 'Moderate'} {name: 'Moderate'}
]; ];
var userPrivilegeList = [ var userPrivilegeList = [
'find', 'read', 'topics:create', 'topics:reply', 'mods' 'find', 'read', 'topics:create', 'topics:reply', 'purge', 'mods'
]; ];
var groupPrivilegeList = [ var groupPrivilegeList = [
'groups:find', 'groups:read', 'groups:topics:create', 'groups:topics:reply', 'groups:moderate' 'groups:find', 'groups:read', 'groups:topics:create', 'groups:topics:reply', 'groups:purge', 'groups:moderate'
]; ];
async.parallel({ async.parallel({
@@ -194,6 +195,15 @@ module.exports = function(privileges) {
], callback); ], callback);
}; };
privileges.categories.isUserAllowedTo = function(privilege, cid, uid, callback) {
if (!cid) {
return callback(null, false);
}
helpers.isUserAllowedTo(privilege, uid, [cid], function(err, results) {
callback(err, Array.isArray(results) && results.length ? results[0] : false);
});
};
privileges.categories.can = function(privilege, cid, uid, callback) { privileges.categories.can = function(privilege, cid, uid, callback) {
if (!cid) { if (!cid) {
return callback(null, false); return callback(null, false);

18
src/privileges/posts.js
View File

@@ -127,6 +127,24 @@ module.exports = function(privileges) {
}); });
}; };
privileges.posts.canPurge = function(pid, uid, callback) {
async.waterfall([
function (next) {
posts.getCidByPid(pid, next);
},
function (cid, next) {
async.parallel({
purge: async.apply(privileges.categories.isUserAllowedTo, 'purge', cid, uid),
owner: async.apply(posts.isOwner, pid, uid),
isAdminOrMod: async.apply(privileges.categories.isAdminOrMod, cid, uid)
}, next);
},
function (results, next) {
next(null, results.isAdminOrMod || (results.purge && results.owner));
}
], callback);
};
function isPostEditable(pid, uid, callback) { function isPostEditable(pid, uid, callback) {
async.waterfall([ async.waterfall([
function(next) { function(next) {

18
src/privileges/topics.js
View File

@@ -170,6 +170,24 @@ module.exports = function(privileges) {
], callback); ], callback);
}; };
privileges.topics.canPurge = function(tid, uid, callback) {
async.waterfall([
function (next) {
topics.getTopicField(tid, 'cid', next);
},
function (cid, next) {
async.parallel({
purge: async.apply(privileges.categories.isUserAllowedTo, 'purge', cid, uid),
owner: async.apply(topics.isOwner, tid, uid),
isAdminOrMod: async.apply(privileges.categories.isAdminOrMod, cid, uid)
}, next);
},
function (results, next) {
next(null, results.isAdminOrMod || (results.purge && results.owner));
}
], callback);
};
privileges.topics.canEdit = function(tid, uid, callback) { privileges.topics.canEdit = function(tid, uid, callback) {
winston.warn('[deprecated] please use privileges.topics.isOwnerOrAdminOrMod'); winston.warn('[deprecated] please use privileges.topics.isOwnerOrAdminOrMod');
privileges.topics.isOwnerOrAdminOrMod(tid, uid, callback); privileges.topics.isOwnerOrAdminOrMod(tid, uid, callback);

6
src/threadTools.js
View File

@@ -75,10 +75,10 @@ var async = require('async'),
if (!exists) { if (!exists) {
return callback(); return callback();
} }
privileges.topics.isOwnerOrAdminOrMod(tid, uid, next); privileges.topics.canPurge(tid, uid, next);
}, },
function (isOwnerOrAdminOrMod, next) { function (canPurge, next) {
if (!isOwnerOrAdminOrMod) { if (!canPurge) {
return next(new Error('[[error:no-privileges]]')); return next(new Error('[[error:no-privileges]]'));
} }